Re: Warning "Revalidation failed" and TCP_REFRESH_UNMODIFIED/200

On Wed, 3 Aug 2011 18:38:11 +0300, Tsachi wrote: Hey, I am testing Squid 3.2.0.5, Please keep up with the beta releases. Current "most stable" is 3.2.0.8, followed closely by 3.2.0.10. Can you please comment if these are normal or not: Client is sending a GET request for a file (No IMS in

Jenkins build is back to normal : 3.HEAD-i386-OpenBSD #1019

See

Warning "Revalidation failed" and TCP_REFRESH_UNMODIFIED/200

Hey, I am testing Squid 3.2.0.5, Can you please comment if these are normal or not: Client is sending a GET request for a file (No IMS in the request), Squid has the file but it is Stale. Squid sends an IMS request to the HTTP server and get a 304 reply (Not modified) Then Squid sends the file to

Re: [PATCH] CVE-2009-0801: Host header validation

On 18/07/11 01:24, Amos Jeffries wrote: This patch adds a verify step between header parsing and http_access to validate that the Host: header matches the URL for forward-proxied traffic or the destination IP:port for intercepted traffic. This is part 1 of the CVE-2009-0801 protections. The vali

Build failed in Jenkins: 3.HEAD-i386-OpenBSD #1018

See Changes: [Christos Tsantilas] author: Measurement Factory Bug 3118: ecap_enable on forces icap_enable on We were updating [Icap|Ecap]::TheConfig even when [icap|ecap]_enable was false, which may lead to service activation fo

Re: Fwd: HTTPS pass through / SNI filtering

Hi Deniz, You can not use SSL SNI in squid unless you are intercepting the SSL connection. So you need to touch the sslbump related code. I think you should touch the httpsAccept function which is implemented in client_side.cc file. Some time ago created an experimental SNI patch which funde

Re: Fwd: HTTPS pass through / SNI filtering

On 03/08/11 20:38, Deniz Eren wrote: Hi again; I have changed tunnelStart(...) function a bit and now I can create fake HTTP request without depending on ClientHttpRequest, but problem is I could not find the right place to intercept connection and use tunnelStart(...) to forward HTTPS packets t

Re: [PATCH] Bug 3118: ecap_enable on forces icap_enable on

On 08/02/2011 12:24 PM, Amos Jeffries wrote: On 01/08/11 22:08, Tsantilas Christos wrote: On 07/30/2011 02:36 AM, Amos Jeffries wrote: On 30/07/11 02:10, Tsantilas Christos wrote: This is a patch which solves the bug 3118. Because it is not so small I am posting it here for comments. Here is

Fwd: HTTPS pass through / SNI filtering

Hi again; I have changed tunnelStart(...) function a bit and now I can create fake HTTP request without depending on ClientHttpRequest, but problem is I could not find the right place to intercept connection and use tunnelStart(...) to forward HTTPS packets through squid. Can you give me ideas whe